# Report 2019-08

## News

 - [N.Y.P.D. Adds Children as Young as 11 to Facial Recognition Database](https://www.nytimes.com/2019/08/01/nyregion/nypd-facial-recognition-children-teenagers.html)
 - [Caixabank rolls out facial recognition ATMs](https://www.finextra.com/newsarticle/34194/caixabank-rolls-out-facial-recognition-atms)
 - [PredictIt Owns the Market for 2020 Presidential Election Betting](https://www.bloomberg.com/news/articles/2019-08-01/predictit-owns-the-market-for-2020-presidential-election-betting)
 - [Pentagon testing mass surveillance balloons across the US](https://www.theguardian.com/us-news/2019/aug/02/pentagon-balloons-surveillance-midwest)
 - [How Amazon will take over your house](https://www.axios.com/amazon-echo-alexa-ring-smart-home-surveillance-15323060-972f-46e5-8aa0-b3506249a7b0.html)
 - [UK data science company DataSparQ has developed “AI Bar”, an AI-powered facial recognition system to help bartenders check IDs, fill orders faster and fairer](https://gizmodo.com/facial-recognition-system-for-getting-drunk-more-effici-1836883374)
 - [Nike buys an AI startup that predicts what consumers want](https://techcrunch.com/2019/08/07/nike-buys-an-ai-startup-that-predicts-what-consumers-want/)
 - [Twitter admits using user data for ads without consent](https://www.dw.com/en/twitter-admits-using-user-data-for-ads-without-consent/a-49924218)
 - [Instagram ad partner secretly sucked up and tracked millions of users’ locations and stories](https://techcrunch.com/2019/08/07/instagram-ad-partner-secretly-sucked-up-and-tracked-millions-of-users-locations-and-stories/)
 - [Juul Launches New Bluetooth-connected E-Cigarette That Tracks User's Vaping](https://www.ibtimes.com/juul-launches-new-bluetooth-connected-e-cigarette-tracks-users-vaping-2810849)
 - [Revealed: Microsoft Contractors Are Listening to Some Skype Calls](https://www.vice.com/en_us/article/xweqbq/microsoft-contractors-listen-to-skype-calls)
 - [EU may expand collection of air passenger data to rail and road users](https://www.theguardian.com/world/2019/aug/07/eu-may-expand-collection-of-air-passenger-data-to-rail-and-road-users)
 - [Gay dating apps still leaking location data](https://www.pentestpartners.com/security-blog/group-sex-app-leaks-locations-pictures-and-other-personal-details-identifies-users-in-white-house-and-supreme-court/)
 - [South Wales Police to use facial recognition app on phones](https://www.bbc.co.uk/news/uk-wales-49261763)
 - [Hundreds of exposed Amazon cloud backups found leaking sensitive data](https://techcrunch.com/2019/08/09/aws-ebs-cloud-backups-leak/)
 - [Mexico Considers Banning Cash for Gasoline Purchases, Highway Tolls](https://www.bloomberg.com/news/articles/2019-08-09/mexico-mulls-banning-cash-for-gasoline-purchases-highway-tolls)
 - [How facial recognition has turned summer camp into a dystopia for campers, parents, counsellors and photographers (but not facial recognition vendors)](https://boingboing.net/2019/08/10/camp-concentration.html)
 - [Most EU cookie ‘consent’ notices are meaningless or manipulative, study finds](https://techcrunch.com/2019/08/10/most-eu-cookie-consent-notices-are-meaningless-or-manipulative-study-finds/)
 - [Say No to the “Cashless Future” - and to Cashless Stores](https://www.aclu.org/blog/privacy-technology/consumer-privacy/say-no-cashless-future-and-cashless-stores)
 - [Facebook collected and transcribed users’ audio without permission](https://techcrunch.com/2019/08/13/facebook-contractors-said-to-have-collected-and-transcribed-users-audio-without-permission/)
 - [Credit Karma glitch exposed users to other people’s accounts](https://techcrunch.com/2019/08/14/credit-karma-glitch-accounts/)
 - [Kaspersky AV injected unique ID that allowed sites to track users, even in incognito mode](https://arstechnica.com/information-technology/2019/08/kaspersky-av-injected-unique-id-into-webpages-even-in-incognito-mode/)
 - [The N.Y.P.D. Has 82,473 People in a DNA Database. Many of them have no idea their genetic information is there.](https://www.nytimes.com/2019/08/15/nyregion/nypd-dna-database.html)
 - [Mercedes spies on drivers by secretly installing tracking devices in cars and passing information to bailiffs](https://www.thesun.co.uk/motors/9756250/mercedes-spies-drivers-tracking-devices/)
 - [I Visited 47 Sites. Hundreds of Trackers Followed Me.](https://www.nytimes.com/interactive/2019/08/23/opinion/data-internet-privacy-tracking.html)
 - [Microsoft Contractors Listened to Xbox Owners in Their Homes](https://www.vice.com/en_us/article/43kv4q/microsoft-human-contractors-listened-to-xbox-owners-homes-kinect-cortana)
 - [A school in Sweden has been fined over $20,000 for using facial recognition software to control student attendance](https://edpb.europa.eu/news/national-news/2019/facial-recognition-school-renders-swedens-first-gdpr-fine_es)
 - [The spy in your wallet: Credit cards have a privacy problem](https://www.washingtonpost.com/technology/2019/08/26/spy-your-wallet-credit-cards-have-privacy-problem/?noredirect=on)
 - [Amazon Ring, the doorbell-camera firm, has partnered with 400 police forces, extending surveillance reach](https://www.washingtonpost.com/technology/2019/08/28/doorbell-camera-firm-ring-has-partnered-with-police-forces-extending-surveillance-reach/)
 - [YouTube Said to Be Fined Up to $200 Million for Children’s Privacy Violations](https://www.nytimes.com/2019/08/30/technology/youtube-childrens-privacy-fine.html)

## Data Breaches

 - [Voter records for 80% of Chile's population left exposed online](https://www.zdnet.com/article/voter-records-for-80-of-chiles-population-left-exposed-online/)
 - [Poshmark clothing marketplace says hacker stole customer details](https://www.zdnet.com/article/poshmark-clothing-marketplace-says-hacker-stole-customer-details/)
 - [StockX was hacked, exposing millions of customers’ data](https://techcrunch.com/2019/08/03/stockx-hacked-millions-records/)
 - [E3 website leaks personal info, including addresses and phone numbers, of 2,000+
reporters and content creators](https://kotaku.com/e3-expo-leaks-the-personal-information-of-over-2-000-jo-1836936908)
 - [CafePress.com Suffered Data Breach Affecting 23M Accounts](https://www.itsecuritynews.info/cafepress-com-suffered-data-breach-affecting-23m-accounts-no-official-disclosure-yet/)
 - [Major breach found in biometrics system used by banks, UK police and defence firms](https://www.theguardian.com/technology/2019/aug/14/major-breach-found-in-biometrics-system-used-by-banks-uk-police-and-defence-firms)
 - [700,000 Choice Hotels records leaked in data breach, ransom demanded](https://www.zdnet.com/article/700000-choice-hotels-records-leaked-in-data-breach/)
 - [European Central Bank (ECB) discloses data breach in BIRD Newsletter](https://securityaffairs.co/wordpress/89953/data-breach/ecb-data-breach.html)
 - [Adult website Luscious left data of 1M+ users exposed, including user email addresses, location data, the content they uploaded, liked, and shared](https://www.zdnet.com/article/adult-content-sharing-website-leaked-private-user-information/)
 - [MoviePass exposed thousands of unencrypted customer card numbers](https://techcrunch.com/2019/08/20/moviepass-thousands-data-exposed-leak/)
 - [Mastercard Reports Data Breach to German and Belgian DPAs](https://www.bleepingcomputer.com/news/security/mastercard-reports-data-breach-to-german-and-belgian-dpas)
 - [Binance says that leaked KYC Data are from third-party vendor](https://securityaffairs.co/wordpress/90391/cyber-crime/binance-leaked-kyc-data.html)
 - [Foxit PDF Software Company Suffers Data Breach—Asks Users to Reset Password](https://thehackernews.com/2019/08/foxit-pdf-reader-data-breach.html)

## Papers

 - [50 Ways to Leak Your Data: An Exploration of Apps' Circumvention of the Android Permissions System (USENIX Security 19)](https://www.usenix.org/conference/usenixsecurity19/presentation/reardon)
